Systems and Methods for Location-Based Device Security

ABSTRACT

A device may collect environmental information surrounding the device. Based on the collected environmental information, the device may automatically identify a potentially secured location that has lower security risk. When a potentially secured location is identified, the device may prompt the user to setup a security profile having reduced security requirement for the secured location. The device may store and associate the security profile with the secured location. The device may activate the security profile with reduced security requirement when the device is in the secured area. Further, the security profile may require that certain features of the device be disabled when the device is in the secured location.

CROSS REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. patent application Ser. No.16/269,857, filed Feb. 7, 2019, which is a continuation of U.S. patentapplication Ser. No. 15/785,395, filed Oct. 16, 2017, now U.S. Pat. No.10,243,944, issued Mar. 26, 2019, which is a continuation of U.S. patentapplication Ser. No. 14/881,094, filed Oct. 12, 2015, now U.S. Pat. No.9,794,243, issued Oct. 17, 2017, which is a continuation of U.S. patentapplication Ser. No. 13/971,717, filed Aug. 20, 2013, now U.S. Pat. No.9,160,729, issued Oct. 13, 2015, which are incorporated herein byreference in their entirety.

BACKGROUND Field of the Invention

The present invention generally relates to systems and methods forimplementing location-based security for devices.

Related Art

With the proliferation of internet commerce, online security has becomea main concern for many internet users. Conventional user login name andpassword may no longer be adequate to provide security. Many onlineservices now require additional security features, such as securityquestions, additional pass phrases, images, and etc. Further, additionalsecurity also is being added to computers and mobile devices, becauseusers increasingly utilize these devices to conduct online businesstransactions. The need for additional security results in stricterauthentication requirement when accessing the online services or devicesused for the online services. For example, a user may be required toenter multiple passwords or passphrases to be granted access to a deviceor an online service. As such, it becomes increasingly tedious for auser to gain access to a device or an online service. Therefore, thereis a need for a system or method that allows a user to easily gainaccess to a device or an online service when the user is in a securedlocation, in which excess security requirement are not needed.

BRIEF DESCRIPTION OF THE FIGURES

FIG. 1 is block diagram of a networked system suitable for implementinga process for location-based device security according to an embodiment.

FIG. 2 is a flowchart showing a process for designating a securedlocation according to one embodiment.

FIG. 3 is a flowchart showing a process for activating a securityprofile according to one embodiment.

FIG. 4 is a block diagram of a computer system suitable for implementingone or more components in FIG. 1 according to one embodiment.

Embodiments of the present disclosure and their advantages are bestunderstood by referring to the detailed description that follows. Itshould be appreciated that like reference numerals are used to identifylike elements illustrated in one or more of the figures, whereinshowings therein are for purposes of illustrating embodiments of thepresent disclosure and not for purposes of limiting the same.

DETAILED DESCRIPTION

According to an embodiment, when a device enters an environment withlower security risk, the device may prompt a user to designate theenvironment to be a secured location. For example, the secured locationmay be frequented locations, such as home or work. If the userdesignates the environment as a secured location, the device mayassociate a security profile having reduced security requirement withthe secured location. For example, the reduced security requirement mayrequire less or no passwords during access authentication for thedevice. The device may activate the security profile with reducedsecurity requirement when the device is in the secured area.

According to one embodiment, the security profile may require thatcertain features of the device be disabled when the device is in thesecured location. For example, texting features of a mobile phone may bedisabled when the mobile phone is in a moving vehicle. Thus, the movingvehicle may be a secured location, in which no texting messages arereceived or transmitted by the mobile phone.

FIG. 1 is a block diagram of a networked system 100 configured tofacilitate a process for location-based device security in accordancewith an embodiment of the invention. Networked system 100 may compriseor implement a plurality of servers and/or software components thatoperate to perform various payment transactions or processes. Exemplaryservers may include, for example, stand-alone and enterprise-classservers operating a server OS such as a MICROSOFT® OS, a UNIX® OS, aLINUX® OS, or other suitable server-based OS. It can be appreciated thatthe servers illustrated in FIG. 1 may be deployed in other ways and thatthe operations performed and/or the services provided by such serversmay be combined or separated for a given implementation and may beperformed by a greater number or fewer number of servers. One or moreservers may be operated and/or maintained by the same or differententities.

System 100 may include a user device 110 and a service provider server170 in communication over a network 160. Service provider server 170 maybe maintained by an online service provider, such as PayPal, Inc. of SanJose, Calif. A user 105, such as a sender or consumer, utilizes userdevice 110 to conduct business using service provider server 170. Forexample, a user 105 may utilize user device 110 to initiate a paymenttransaction, receive a transaction approval request, or reply to therequest. Note that transaction, as used herein, refers to any suitableaction performed using the user device, including payments, transfer ofinformation, display of information, etc.

User device 110 and service provider server 170 may each include one ormore processors, memories, and other appropriate components forexecuting instructions such as program code and/or data stored on one ormore computer readable mediums to implement the various applications,data, and steps described herein. For example, such instructions may bestored in one or more computer readable media such as memories or datastorage devices internal and/or external to various components of system100, and/or accessible over network 160.

Network 160 may be implemented as a single network or a combination ofmultiple networks. For example, in various embodiments, network 160 mayinclude the Internet or one or more intranets, landline networks,wireless networks, and/or other appropriate types of networks.

User device 110 may be implemented using any appropriate hardware andsoftware configured for wired and/or wireless communication over network160. For example, in one embodiment, the user device may be implementedas a personal computer (PC), a smart phone, personal digital assistant(PDA), laptop computer, and/or other types of computing devices capableof transmitting and/or receiving data, such as an iPad™ from Apple™.

User device 110 may include one or more browser applications 115 whichmay be used, for example, to provide a convenient interface to permituser 105 to browse information available over network 160. For example,in one embodiment, browser application 115 may be implemented as a webbrowser configured to view information available over the Internet, suchas a user account for setting up a gift list and/or merchant sites forviewing and purchasing gifts. User device 110 may also include one ormore toolbar applications 120 which may be used, for example, to provideclient-side processing for performing desired tasks in response tooperations selected by user 105. In one embodiment, toolbar application120 may display a user interface in connection with browser application115.

User device 110 may further include other applications 125 as may bedesired in particular embodiments to provide desired features to userdevice 110. For example, other applications 125 may include securityapplications for implementing client-side security features,programmatic client applications for interfacing with appropriateapplication programming interfaces (APIs) over network 160, or othertypes of applications.

Applications 125 may also include email, texting, voice and IMapplications that allow user 105 to send and receive emails, calls, andtexts through network 160, as well as applications that enable the userto communicate, transfer information, make payments, and otherwiseutilize a smart wallet through the payment provider as discussed above.User device 110 includes one or more user identifiers 130 which may beimplemented, for example, as operating system registry entries, cookiesassociated with browser application 115, identifiers associated withhardware of user device 110, or other appropriate identifiers, such asused for payment/user/device authentication. In one embodiment, useridentifier 130 may be used by a payment service provider to associateuser 105 with a particular account maintained by the payment provider. Acommunications application 122, with associated interfaces, enables userdevice 110 to communicate within system 100.

User device 110 may include applications for collecting environmentaldata, such as geo-location data via Global Positioning System (GPS),temperature data, altitude data, humidity data, data regarding devicemovement, ambient sound data, imaging data via a camera, and etc.Further, geo-fencing technology may be used to set up boundaries todefine a location. User device 110 may detect signals from devices thatimplement geo-fencing technology. These environmental data may beutilized to determine a location or environment in which user device 110is located.

Service provider server 170 may be maintained, for example, by an onlineservice provider which may provide online service to user 105. In thisregard, service provider server 170 includes one or more serviceapplications 175 which may be configured to interact with user device110 over network 160 to facilitate the services and communicate/displayinformation at user device 110. For example, service provider server 170may provide services, such as payment transaction, banking, retailshopping, and etc.

Service provider server 170 also maintains a plurality of user accounts180, each of which may include account information 185 associated withusers. For example, account information 185 may include privatefinancial information of users of devices such as account numbers,passwords, device identifiers, user names, phone numbers, credit cardinformation, bank information, or other financial information which maybe used to facilitate online transactions by user 105. Accountinformation 185 may also include security profiles for users or userdevices.

Security applications 190, which may be part of service application 175or separate, may be configured to receive security information from auser device for processing and storage in a service database 195.Security applications 190 may include one or more applications toprocess and manage security information from user 105 and. As such,security applications 190 may store details of security profiles fromusers or user devices, associated secured locations, and etc. Serviceapplication 175 may be further configured to determine the existence ofand to manage accounts for user 105, as well as create new accounts ifnecessary, such as the set up and management user accounts.

FIG. 2 is a flowchart showing a process 200 for designating a securedlocation according to one embodiment. At step 202, user device 110 maydetect environmental data. For example, user device 110 may detect WiFisignals, Bluetooth signals, available networks, geographical locationvia Global Positioning System (GPS), cellular signals, Near-FieldCommunication (NFC) signals, and etc. Further, user device 110 maydetect date and time, device movement, ambient sound/noise, temperature,humidity, ambient light, and etc. User device 110 may detect and collectthese environmental data for determining an environmental condition or alocation of user device 110. User device 110 may store the environmentaldata in a historical log. Thus, a historical environmental data may bestored at user device 110. In an embodiment, user device 110 may sendthe environmental data to service provider server 170 to be stored atservice provider server 170.

At step 204, user device 110 may determine whether user device 110 is ina potentially secured location using the detected environmental data. Inone embodiment, user device 110 may send the detected environmental datato service provider server 170. Service provider server 170 may receivethe environmental data from user device 110 and may determine whetheruser device 110 is in a potentially secured location based on theenvironmental data. A familiar location, at which user device 110 hadpreviously been accessed multiple times, such as at home or at work, maybe a potentially secured location. For example, user device 110 maydetect a wireless or wired network at home or at work and may determinethat user device 110 had been accessed multiple times before in the areaof the wireless or wired network based on the historical environmentaldata. Thus, user device 110 may determine that location of home or workwhere the same wireless or wired network is detected may be apotentially secured location. The user may also designate a home or workaddress as a secured location, such that the service provider determineswhether the location of the user device is within the user-designatedlocation.

In one embodiment, a potentially secured location may be determinedbased on the proximity of other devices. For example, user device 110may detect signals, such as an NFC signal or a Bluetooth, emitted from auser's other peripheral devices, such as a watch, a printer, a laptop, atablet computer, glasses, other wearable devices, etc. Based onhistorical environmental data, user device 110 may determine that userdevice 110 had been accessed multiple times before in the proximity ofthese peripheral devices. Thus, user device 110 may determine that theproximity of these peripheral devices constitute a potentially securedlocation. In an embodiment, security requirement for accessing userdevice 110 may decrease with the increase in the number of the user'sother devices that are in proximity of user device 110.

In an embodiment, an administrator of a corporate server may designateparticular secured locations for user device 110. For example,geographical locations of company buildings and the employee's residentmay be designated as secure locations. Based on the geographicallocation detected by a GPS sensor, user device 110 may allow access withreduced security requirement at these designated secured locations.Further, other locations, such as hotel locations of a participatinghotel chain may be designated by a company as secured locations. Thus,user device 110 may allow access with reduced security requirement atthe hotel locations of the participating hotel chain when companyemployees stay at these hotels for business travel.

In an embodiment, public places, such as a movie theater, hospital,court house, airplane, place of worship, or the like may have a beacondevice that broadcasts a signal, such as a WiFi or Bluetooth signal,that signifies a certain security profile for the public place. Forexample, a beacon device at a movie theater may broadcast a signal for asecurity profile that restricts phone calls for mobile devices or thatturns phone rings to vibrate. Thus, the beacon device may signify asecured location at this public place. User device 110 may detect thebeacon signal and may determine that user device 110 is in a potentiallysecured location.

User device 110 also may use environmental data collected by varioussensors, such as movement, sound, ambient light, temperature, and etc.to determine a potentially secured location. For example, if user device110 detects that user device 110 is moving at a high speed, such asgreater than 150 miles per hour (mph), user device 110 may determinethat user device 110 is in an airplane during takeoff and may determinethat user device 110 should be changed to an airplane mode associatedwith a security profile that restricts phone calls or texting. Userdevice 110 may suggest to the user to switch user device 110 to theairplane mode.

After a potentially secured location is determined by user device 110 orby service provider server 170 at step 204, a notification may begenerated to notify the user that a potentially secured location isdetected at step 206. The notification may include a description of theenvironmental condition used to qualify the potentially securedlocation. For example, the notification may indicate that two otherperipheral devices belonging to the same user are in the proximity ofuser device as an environmental condition that qualifies for apotentially secured location.

At step 208, a request to designate the location as a secured locationmay be generated and displayed to the user. For example, a potentiallysecured location may be a merchant store where user device 110 had beenused multiple times to make purchase. A notification may inform the userthat multiple purchases had been made using user device 110 at themerchant location and whether the user would like to designate themerchant location as a secured location, such that reduced securityrequirement may be used for the next purchase.

In another example, user device 110 may detect a beacon signalsignifying a movie theater mode when user device 110 enters a movietheater. A notification may be generated and displayed at user device110 to inform the user that user device 110 appears to be in a movietheater and request whether the user would like to use the movie theatermode for user device 110 to restrict phone calls, switch to vibrate-onlymode, or turn off phone rings.

At step 210, user device 110 may receive a user response and determinewhether to set up a security profile for the potentially securedlocation based on the user response. If the user response indicates thatno security profile should be set up for the potentially securedlocation at step 210, user device 110 may continue to search forpotentially secured locations at step 216. For example, the process mayreturn to step 202 to continue collecting environmental data. Userdevice 110 may continue to monitor and analyze environmental data toidentify other potential secured locations. This process allows thesystem or user device 110 to continuously learn the user's environment,activities, or habits, and suggest appropriate potentially securedlocations to the user.

In an embodiment, if a potentially secured location is not designated asa secured location for the first time, the potentially secured locationmay be stored or flagged, such that no notification or request to set upsecurity profile is generated the next time user device 110 is entersthe same potentially secured location. Thus, after the user refuses todesignate a certain potentially secured location for the first time, theuser is not notified again when user device 110 enters the certainpotentially secured area in the future.

If the user response indicates that a security profile should be set upfor the potentially secured location at step 210, user device 110 mayreceive user input for setting up the security profile at step 212.Various security options, such as reduced passcode, automatic accesswithout authentication, restricted phone use, or etc., may be presentedfor user's selection. For example, a company building may be a securedlocation for a company-issued laptop. The user of the company-issuedlaptop may set up a security profile for the company building such thatthe company-issued laptop is automatically connected to the company'sVPN network without authorization process, e.g., no password or IDinput. In another example, the user may set up the security profile,such that texting or phone calls are restricted in a moving vehicle.

In still another example, a location of a coffee shop between 7:00 AM to9:00 AM on a week day may be designated as a secured location and time,because the user visits the coffee shop every week day morning topurchase a cup of coffee. The user may set up a security profile forthis location and time, such that payment transactions using user device110 at the coffee shop between 7:00 AM and 9:00 AM on a week day requireno authentication.

At step 214, user device 110 may store the designated secured location(and time) with the security profile set up by the user. In oneembodiment, service provider server 170 may store and associate thedesignated secured location with the security profile. Thus, when userdevice 110 visits the designated secured location in the future, anappropriate security profile may automatically be activated for theuser's convenience. For example, at a frequently visited merchant, theuser may have reduced authentication requirement, e.g., partialpasscode, for making a purchase using user device 110.

By using the above process, potentially secured locations mayautomatically be identified and suggested to a user. The user is allowedto designate a secured location and set up a security profile for thesecured location. Thus, appropriate security requirement or restrictionsmay be implemented for user device 110 based on the time and location ofuser device 110.

FIG. 3 is a flowchart showing a process for activating a securityprofile according to one embodiment. At step 302, user device 110 maymonitor and collect environmental data. For example, user device 110 mayuse various communication devices or sensors to detect WiFi signals,Bluetooth signals, NFC signals, GPS location, device movements,temperature, ambient noise, ambient light, and etc.

At step 304, user device 110 or service provider server 170 maydetermine whether user device 110 is in a designated secured location.For example, profiles of designated secured locations may be stored inuser device 110 or service provider server 170. Each profile ofdesignated secured location may include environmental conditions thatidentify the designated secured location, such as proximity of otherdevices, geographical location, detection of certain signals, and etc.

When current environmental condition matches that of a designatedsecured location, user device 110 or service provider server 170 maydetermine that user device 110 is in the designated secured location atstep 304. At step 306, user device 110 may activate the security profileassociated with the designated secured location. For example, when ahome wireless network is detected, which is an environmental conditionfor a designated secured location, a security profile associated withthe designated secured location may be activated. The security profilefor home may be to have automatic full access to all sensitive andprivate data without authentication. Thus, a user may skip the tediousauthentication process when using user device 110 at home.

In an embodiment, service provider server 170 may activate the securityprofile associated with the designated secured location for servicesrendered to user device 110. For example, when a user attempts to accessa user account at service provider server 170, service provider server170 may receive, from user device 110, environmental data detected atuser device 110 and the identification information for the user account.Service provider server 170 may determine, based on the receivedenvironmental data and the designated secured location associated withthe user account, whether user device 110 is in a secured locationdesignated by the user. If so, service provider 170 may activate thesecurity profile associated with the designated secured location foruser device 110. Service provider server 170 then may generate anauthentication request with reduced authentication requirement based onthe activated security profile. For example, service provider server 170may generate an authentication request prompting for the user to enterpartial password, e.g., the first three letters of the password, insteadof the full password. Service provider server 170 may receive the user'sresponse to the authentication request and determine whether the partialpassword matches the password stored with the user account at serviceprovider server 170. Thus, the reduced authentication requirement mayreduce the user's input required to access the service provider server170.

When service provider server 170 is a payment service provider and isused to make a purchase via user device 110 at a non-secured location,service provider server 170 may generate an authentication requestprompting the user to enter full user ID and password. Further, serverprovider server 170 may conduct regular fraud analysis for the paymenttransaction. On the other hand, when the purchase is made at adesignated secured location, service provider server 170 may generate anauthentication request requiring less or no password. Further, serviceprovider server 170 may conduct a lighter fraud analysis for the paymenttransaction taking place in a designated secured area.

Examples of reduced authentication requirement may include automaticaccess to online services or to a Virtual Private Network (VPN). Inanother example, the user ID and password for authentication mayautomatically be entered for the user in a designated secured location.

If the detected environmental condition does not match any of theenvironmental conditions associated with the designated securitylocations at step 304, user device 110 may use a default securityprofile at step 308. For example, when user device 110 is at a newgeographical location, user device 110 may use the default securityprofile that requires regular authentication process to access userdevice 110 or other online services offered at service provider server170 via user device 110.

In an embodiment, when user device 110 detected that user device 110 isin a new location in which user device 110 has never visited, userdevice 110 may use a security profile with elevated security. Forexample, when a user travels to a new state or country and wishes toconduct banking business using service provider sever 170 via userdevice 110, user device 110 may detect that user device 110 is visitinga new location and service provider server 170 may use a securityprofile with elevated security requirement, such as additional securityquestions during user login for the user's banking account.

By using the above processes, potentially secured locations may beidentified and notified to the user. The user may be allowed todesignate secured locations and set up security profiles for thedesignated secured locations. The security profiles may be activatedautomatically when a device enters the designated secured locations.Security and other settings may be adjusted based on the location andenvironment the device is in. Thus, appropriate security settings mayautomatically be used for the device to improve user experience.

FIG. 4 is a block diagram of a computer system 400 suitable forimplementing one or more embodiments of the present disclosure. Invarious implementations, the user device may comprise a personalcomputing device (e.g., smart phone, a computing tablet, a personalcomputer, laptop, PDA, Bluetooth device, key FOB, badge, etc.) capableof communicating with the network. The merchant and/or payment providermay utilize a network computing device (e.g., a network server) capableof communicating with the network. It should be appreciated that each ofthe devices utilized by users, merchants, and payment providers may beimplemented as computer system 400 in a manner as follows.

Computer system 400 includes a bus 402 or other communication mechanismfor communicating information data, signals, and information betweenvarious components of computer system 400. Components include aninput/output (I/O) component 404 that processes a user action, such asselecting keys from a keypad/keyboard, selecting one or more buttons orlinks, etc., and sends a corresponding signal to bus 402. I/O component404 may also include an output component, such as a display 411 and acursor control 413 (such as a keyboard, keypad, mouse, etc.). Anoptional audio input/output component 405 may also be included to allowa user to use voice for inputting information by converting audiosignals. Audio I/O component 405 may allow the user to hear audio. Atransceiver or network interface 406 transmits and receives signalsbetween computer system 400 and other devices, such as another userdevice, a merchant server, or a payment provider server via network 360.In one embodiment, the transmission is wireless, although othertransmission mediums and methods may also be suitable. A processor 412,which can be a micro-controller, digital signal processor (DSP), orother processing component, processes these various signals, such as fordisplay on computer system 400 or transmission to other devices via acommunication link 418. Processor 412 may also control transmission ofinformation, such as cookies or IP addresses, to other devices.

Components of computer system 400 also include a system memory component414 (e.g., RAM), a static storage component 416 (e.g., ROM), and/or adisk drive 417. Computer system 400 performs specific operations byprocessor 412 and other components by executing one or more sequences ofinstructions contained in system memory component 414. Logic may beencoded in a computer readable medium, which may refer to any mediumthat participates in providing instructions to processor 412 forexecution. Such a medium may take many forms, including but not limitedto, non-volatile media, volatile media, and transmission media. Invarious implementations, non-volatile media includes optical or magneticdisks, volatile media includes dynamic memory, such as system memorycomponent 414, and transmission media includes coaxial cables, copperwire, and fiber optics, including wires that comprise bus 402. In oneembodiment, the logic is encoded in non-transitory computer readablemedium. In one example, transmission media may take the form of acousticor light waves, such as those generated during radio wave, optical, andinfrared data communications.

Some common forms of computer readable media includes, for example,floppy disk, flexible disk, hard disk, magnetic tape, any other magneticmedium, CD-ROM, any other optical medium, punch cards, paper tape, anyother physical medium with patterns of holes, RAM, PROM, EEPROM,FLASH-EEPROM, any other memory chip or cartridge, or any other mediumfrom which a computer is adapted to read.

In various embodiments of the present disclosure, execution ofinstruction sequences to practice the present disclosure may beperformed by computer system 400. In various other embodiments of thepresent disclosure, a plurality of computer systems 400 coupled bycommunication link 418 to the network (e.g., such as a LAN, WLAN, PTSN,and/or various other wired or wireless networks, includingtelecommunications, mobile, and cellular phone networks) may performinstruction sequences to practice the present disclosure in coordinationwith one another.

Where applicable, various embodiments provided by the present disclosuremay be implemented using hardware, software, or combinations of hardwareand software. Also, where applicable, the various hardware componentsand/or software components set forth herein may be combined intocomposite components comprising software, hardware, and/or both withoutdeparting from the spirit of the present disclosure. Where applicable,the various hardware components and/or software components set forthherein may be separated into sub-components comprising software,hardware, or both without departing from the scope of the presentdisclosure. In addition, where applicable, it is contemplated thatsoftware components may be implemented as hardware components andvice-versa.

Software, in accordance with the present disclosure, such as programcode and/or data, may be stored on one or more computer readablemediums. It is also contemplated that software identified herein may beimplemented using one or more general purpose or specific purposecomputers and/or computer systems, networked and/or otherwise. Whereapplicable, the ordering of various steps described herein may bechanged, combined into composite steps, and/or separated into sub-stepsto provide features described herein.

The foregoing disclosure is not intended to limit the present disclosureto the precise forms or particular fields of use disclosed. As such, itis contemplated that various alternate embodiments and/or modificationsto the present disclosure, whether explicitly described or impliedherein, are possible in light of the disclosure. Having thus describedembodiments of the present disclosure, persons of ordinary skill in theart will recognize that changes may be made in form and detail withoutdeparting from the scope of the present disclosure. Thus, the presentdisclosure is limited only by the claims.

1. (canceled)
 2. A system, comprising: one or more processors, one ormore computer-readable memories, with program instructions stored on theone or more computer-readable memories, the one or more processorsconfigured to execute the program instructions to cause the system toperform the operations comprising: determining whether a location of auser device has been designated as a secure location; in response to thedetermining that the location of the user device has not been designatedas the secure location, determining an amount of times that the userdevice has interacted with a first device associated with the location;in response to determining that the amount of times that the user devicehas interacted with the first device exceeds a threshold amount,providing a prompt to the user device requesting whether the user of theuser device would like to designate the location as the secure location;and in response to receiving, from the user device, an input thatcorresponds to an acceptance to designate the location as the securelocation, implementing a reduced authentication level for interactionsbetween the user device and the first device.
 3. The system of claim 2,the operations further comprising: in response to detecting, from theuser device, a request to perform an electronic transaction with thefirst device, determining that the location of the user device has beendesignated as a secure location; and in response to determining that thelocation of the user device has been designated as a secure location,performing an authentication based on the reduced authentication level.4. The system of claim 2, the operations further comprising: in responseto detecting, from the user device, a request to transmit a payment tothe first device, determining that the location of the user device hasbeen designated as a secure location; and in response to determiningthat the location of the user device has been designated as a securelocation, performing an authentication based on the reducedauthentication level.
 5. The system of claim 2, wherein the reducedauthentication level does not require authentication information to beprovided by the user of the user device.
 6. The system of claim 2,wherein a second device is associated with the location, and wherein theoperations further comprise implementing the reduced authenticationlevel for interactions between the user device and the second device. 7.The system of claim 2, the operations further comprising: in response tothe receiving, from the user device, the input that corresponds to theacceptance to designate the location as the secure location, creating asecurity profile and storing the security profile in association withthe location.
 8. The system of claim 2, wherein the implementing thereduced authentication level for interactions between the user deviceand the first device includes implementing the reduced authenticationlevel for interactions between user device and the first device for aspecified time interval.
 9. A method comprising: determining whether alocation of a user device has been designated as a secure location; inresponse to the determining that the location of the user device has notbeen designated as the secure location, determining an amount of timesthat the user device has interacted with a first device associated withthe location; in response to determining that the amount of times thatthe user device has interacted with the first device exceeds a thresholdamount, providing a prompt to the user device requesting whether theuser of the user device would like to designate the location as thesecure location; and in response to receiving, from the user device, aninput that corresponds to an acceptance to designate the location as thesecure location, implementing a reduced authentication level forinteractions between the user device and the first device.
 10. Themethod of claim 9, further comprising: in response to detecting, fromthe user device, a request to perform an electronic transaction with thefirst device, determining that the location of the user device has beendesignated as a secure location; and in response to determining that thelocation of the user device has been designated as a secure location,performing an authentication based on the reduced authentication level.11. The method of claim 9, further comprising: in response to detecting,from the user device, a request to transmit a payment to the firstdevice, determining that the location of the user device has beendesignated as a secure location; and in response to determining that thelocation of the user device has been designated as a secure location,performing an authentication based on the reduced authentication level.12. The method of claim 9, wherein the reduced authentication level doesnot require authentication information to be provided by the user of theuser device.
 13. The method of claim 9, wherein a second device isassociated with the location, and wherein the operations furthercomprise implementing the reduced authentication level for interactionsbetween the user device and the second device.
 14. The method of claim9, further comprising: in response to the receiving, from the userdevice, the input that corresponds to the acceptance to designate thelocation as the secure location, creating a security profile and storingthe security profile in association with the location.
 15. The method ofclaim 9, wherein the implementing the reduced authentication level forinteractions between the user device and the first device includesimplementing the reduced authentication level for interactions betweenuser device and the first device for a specified time interval.
 16. Acomputer program product comprising: one or more computer-readabletangible storage devices, and program instructions stored on at leastone of the one or more computer-readable tangible storage devices, theprogram instructions when executed cause a machine to perform operationscomprising: determining whether a location of a user device has beendesignated as a secure location; in response to the determining that thelocation of the user device has not been designated as the securelocation, determining an amount of times that the user device hasinteracted with a first device associated with the location; in responseto determining that the amount of times that the user device hasinteracted with the first device exceeds a threshold amount, providing aprompt to the user device requesting whether the user of the user devicewould like to designate the location as the secure location; and inresponse to receiving, from the user device, an input that correspondsto an acceptance to designate the location as the secure location,implementing a reduced authentication level for interactions between theuser device and the first device.
 17. The computer program product ofclaim 16, the operations further comprising: in response to detecting,from the user device, a request to perform an electronic transactionwith the first device, determining that the location of the user devicehas been designated as a secure location; and in response to determiningthat the location of the user device has been designated as a securelocation, performing an authentication based on the reducedauthentication level.
 18. The computer program product of claim 16, theoperations further comprising: in response to detecting, from the userdevice, a request to transmit a payment to the first device, determiningthat the location of the user device has been designated as a securelocation; and in response to determining that the location of the userdevice has been designated as a secure location, performing anauthentication based on the reduced authentication level.
 19. Thecomputer program product of claim 16, wherein the reduced authenticationlevel does not require authentication information to be provided by theuser of the user device.
 20. The computer program product of claim 16,wherein a second device is associated with the location, and wherein theoperations further comprise implementing the reduced authenticationlevel for interactions between the user device and the second device.21. The computer program product of claim 16, the operations furthercomprising: in response to the receiving, from the user device, theinput that corresponds to the acceptance to designate the location asthe secure location, creating a security profile and storing thesecurity profile in association with the location.